<?php

// ##############################################################################||
// #                                                                 
// #   MySmartBB Version 1.7.0	                                      
// #   http://www.MySmartBB.com                                      
// #   Copyright (c) 2008 by MySmartBB team                           
// #   license http://opensource.org/licenses/gpl-license.php GNU Public License
// #                                                             
// #   filename : pm.php                                           
// #   private messages system
// #                                                                  
// ##############################################################################||

// ** General definitions **

     // Defined before common.php is loaded; presumably read there to tell this
     // page apart from the forum index — TODO confirm against common.php.
     define('NOT_IN_INDEX',0);
     // Shared bootstrap. $SF, $DB, $Smarty, $member_row, $groupper_row, $info_row,
     // $db_prefix, $date and $member_permission are used below but never set in this
     // file, so they are assumed to come from here — verify against common.php.
     include('common.php');

     // Gate for the whole page: every action below runs only when
     // $member_permission is 1; any other value reaches the "not allowed" error in
     // the matching else at the end of the file.
     // NOTE(review): $member_permission is not assigned in this file — presumably
     // common.php derives it from the login state; confirm it can never be
     // supplied by the request (e.g. through register_globals-style extraction).
     if ($member_permission == 1)
     {
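         // Group-level switch: use_pm == 0 disables private messaging for the group.
         // The original ran this identical condition twice in a row; one copy is kept.
         // NOTE(review): these checks only protect the page if $SF->error() stops
         // the request — its implementation is not visible here; confirm it exits.
         if ($groupper_row['use_pm'] == 0)
         {
             $SF->html_title_page('الرسائل الخاصه - (Powered By MySmartBB Universal)');
             $SF->error('لا يمكنك استخدام الرسائل الخاصة');
         }

         // Minimum post count the group requires before private messages may be used.
         if ($groupper_row['min_send_pm'] > $member_row['posts'])
         {
             $SF->html_title_page('الرسائل الخاصه - (Powered By MySmartBB Universal)');
             // Both counters are cast to int before being placed in the HTML message.
             $SF->error('لا يمكنك استخدام الرسائل الخاصة لأن عدد مشاركاتك '.intval($member_row['posts']).' مشاركة أقل من المطلوب وهو '.intval($groupper_row['min_send_pm']).' مشاركة.');
         }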

// ** Sending Private Message **
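     // Compose (send=1&index=1) or deliver (send=1&start=1) a private message.
     //
     // Security notes for this block:
     //  - Every request value that reaches SQL goes through $SF->SafeSQL(), the
     //    escaping helper this file already uses for its other queries. Its
     //    implementation is not visible here — NOTE(review): confirm it escapes for
     //    the active DB connection, or move these queries to prepared statements.
     //  - The sender is taken from $member_row['username'] (the identity every other
     //    section of this file uses) instead of the client-supplied
     //    MySBB_username cookie, so the "from" field cannot be chosen by the client.
     //    Assumes $member_row is the authenticated member loaded by common.php.
     if (isset($_GET['send']) && $_GET['send'] == 1)
     {
         $SF->html_title_page('رسالة خاصة جديدة - (Powered By MySmartBB Universal)');

         // Group-level permission to send.
         if ($groupper_row['send_pm'] == 0)
         {
             $SF->error('لا يمكنك إرسال رسالة خاصة');
         }

         if (isset($_GET['index']) && $_GET['index'] == 1)
         {
             // ---- Compose form ----
             include('includes/SmartCode.js');

             // First 13 smilies (smile_type = 0) for the editor toolbar.
             $smiles_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type='0' ORDER BY id ASC LIMIT 0,13");

             $smiles_row = array();
             while ($smile_row = $DB->sql_fetch_array($smiles_query))
             {
                 $smiles_row[] = $smile_row;
             }
             // As before, the template variable is only set when rows were found.
             if (!empty($smiles_row))
             {
                 $Smarty->assign('smiles_row',$smiles_row);
             }

             // Message icons (every other smile_type).
             $icons_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type<>'0' ORDER BY id DESC");

             $icons_row = array();
             while ($icon_row = $DB->sql_fetch_array($icons_query))
             {
                 $icons_row[] = $icon_row;
             }
             if (!empty($icons_row))
             {
                 $Smarty->assign('icons_row',$icons_row);
             }

             if (!empty($_GET['username']))
             {
                 $username = $SF->SafeOutPuts($_GET['username']);
                 $username = $SF->SafeSQL($username);

                 // Pre-filled recipient. ENT_QUOTES also covers single-quoted
                 // attributes, since the template's quoting is not visible here.
                 $Smarty->assign('username_show',htmlspecialchars($_GET['username'], ENT_QUOTES));
                 $Smarty->assign('username_value',htmlspecialchars($_GET['username'], ENT_QUOTES));
             }
             elseif ($info_row['use_list'] == 1)
             {
                 // No recipient given: placeholder entry for the contact list.
                 $Smarty->assign('username_show','العضو');
                 $Smarty->assign('username_value',0);
             }

             $SF->GetSmartCode();
             $Smarty->assign('path_bar','<a href="pm.php?folder=inbox">الرسائل الخاصة</a> -> إرسال رسالة خاصة');
             $Smarty->display('usercp_menu.tpl');
             $Smarty->display('usercp_pm-send.tpl');
             $SF->FastMove();
             $Smarty->display('footer.tpl');
         }
         elseif (isset($_GET['start']) && $_GET['start'] == 1)
         {
             // ---- Deliver ----
             if (empty($_POST['T1']) or empty($_POST['S1']))
             {
                 $SF->error('يرجى تعبئة كافة المعلومات');
             }

             // Escape every value once, up front, so no raw request data is
             // concatenated into the statements below.
             $sender_sql = $SF->SafeSQL($member_row['username']);
             $title_sql  = $SF->SafeSQL(isset($_POST['T1']) ? $_POST['T1'] : '');
             $text_sql   = $SF->SafeSQL(isset($_POST['S1']) ? $_POST['S1'] : '');
             $icon_sql   = $SF->SafeSQL(isset($_POST['R1']) ? $_POST['R1'] : '');
             // Recipient field: one username, or several separated by '|'.
             $recipients = (isset($_POST['D1']) && is_string($_POST['D1'])) ? $_POST['D1'] : '';
             // $date is not set in this file; presumably a server-side value from
             // common.php — TODO confirm it is never request-derived.

             // strpos() replaces eregi('[|]', ...): eregi was removed in PHP 7 and
             // the pattern only tested for a literal '|'.
             if (strpos($recipients, '|') === false)
             {
                 $to_sql = $SF->SafeSQL($recipients);

                 $pmmember_check = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $to_sql . "'");
                 $pmmember_num   = $DB->sql_num_rows($pmmember_check);
                 $pmmember_row   = $DB->sql_fetch_array($pmmember_check);

                 // Existence is checked before the recipient row is used.
                 if ($pmmember_num <= 0)
                 {
                     $SF->error('العضو المطلوب الإرسال إليه غير موجود');
                 }

                 $pgroupper_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $SF->SafeSQL($pmmember_row['usergroup']) . "'");
                 $pgroupper_row   = $DB->sql_fetch_array($pgroupper_query);

                 // Recipient's group must be allowed to receive messages.
                 if ($pgroupper_row['resive_pm'] == 0)
                 {
                     $SF->error('المعذرة، هذا العضو لا يمكنه استقبال الرسائل الخاصة');
                 }

                 // max_pm == 0 means no quota for the recipient's group.
                 if ($pgroupper_row['max_pm'] != 0)
                 {
                     $pm_num = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE user_to='" . $SF->SafeSQL($pmmember_row['username']) . "'"));
                     if ($pm_num > $pgroupper_row['max_pm'])
                     {
                         $SF->error('المعذرة، استهلك هذا العضو الحد الاقصى لرسائله، لذلك لا يمكنه استقبال رسائل جديدة');
                     }
                 }

                 // Two rows per message: the recipient's copy ('inbox') and the
                 // sender's copy ('sent').
                 $insert  = $DB->sql_query("INSERT INTO " . $db_prefix . "pm(id,title,user_from,user_to,text,date,icon,folder) VALUES('NULL','" . $title_sql . "','" . $sender_sql . "','" . $to_sql . "','" . $text_sql . "','" . $date . "','" . $icon_sql . "','inbox')");
                 $insert2 = $DB->sql_query("INSERT INTO " . $db_prefix . "pm(id,title,user_from,user_to,text,date,icon,folder) VALUES('NULL','" . $title_sql . "','" . $sender_sql . "','" . $to_sql . "','" . $text_sql . "','" . $date . "','" . $icon_sql . "','sent')");
                 if ($insert)
                 {
                     // Recount the recipient's unread inbox messages and store it.
                     $pm_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE user_to='" . $to_sql . "' AND user_read<>'1' AND folder='inbox'");
                     $pm_num   = $DB->sql_num_rows($pm_query);

                     $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET unread_pm='" . intval($pm_num) . "' WHERE username='" . $to_sql . "'");
                 }
             }
             else
             {
                 // Several recipients: same checks and inserts, once per name.
                 // NOTE(review): a failing recipient is reported after earlier
                 // recipients may already have been written.
                 $get_users = explode('|',$recipients);
                 foreach ($get_users as $key=>$username)
                 {
                     $to_sql = $SF->SafeSQL($username);

                     $pmmember_check = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $to_sql . "'");
                     $pmmember_num = $DB->sql_num_rows($pmmember_check);
                     $pmmember_row = $DB->sql_fetch_array($pmmember_check);

                     if ($pmmember_num <= 0)
                     {
                         $SF->error('العضو '. $SF->SafeOutPuts($username) .' غير موجود !');
                     }

                     $pgroupper_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id='" . $SF->SafeSQL($pmmember_row['usergroup']) . "'");
                     $pgroupper_row = $DB->sql_fetch_array($pgroupper_query);

                     if ($pgroupper_row['resive_pm'] == 0)
                     {
                         $SF->error('العضو '. $SF->SafeOutPuts($username) .' لا يمكنه إستقبال رسائل خاصة !');
                     }

                     if ($pgroupper_row['max_pm'] != 0)
                     {
                         $pm_num = $DB->sql_num_rows($DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE user_to='" . $SF->SafeSQL($pmmember_row['username']) . "'"));
                         if ($pm_num > $pgroupper_row['max_pm'])
                         {
                             $SF->error('المعذرة العضو '. $SF->SafeOutPuts($username) .' استهلك الحد الأقصى للرسائل المسموح بها لذا لا يمكنه استقبال أي رسائل خاصة');
                         }
                     }

                     $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "pm(id,title,user_from,user_to,text,date,icon,folder) VALUES('NULL','" . $title_sql . "','" . $sender_sql . "','" . $to_sql . "','" . $text_sql . "','" . $date . "','" . $icon_sql . "','inbox')");
                     $insert2 = $DB->sql_query("INSERT INTO " . $db_prefix . "pm(id,title,user_from,user_to,text,date,icon,folder) VALUES('NULL','" . $title_sql . "','" . $sender_sql . "','" . $to_sql . "','" . $text_sql . "','" . $date . "','" . $icon_sql . "','sent')");
                     if ($insert)
                     {
                         $pm_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE user_to='" . $to_sql . "' AND user_read<>'1' AND folder='inbox'");
                         $pm_num   = $DB->sql_num_rows($pm_query);

                         $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET unread_pm='" . intval($pm_num) . "' WHERE username='" . $to_sql . "'");
                     }
                 }
             }

             // Confirmation page, then back to the inbox.
             if ($insert)
             {
                 $Smarty->assign('msgg','أُرسِلَت الرسالة الخاصة بنجاح');
                 $Smarty->assign('GO','pm.php?folder=inbox');
                 $SF->go_to('pm.php?folder=inbox',2);
                 $Smarty->display('loading.tpl');

                 $Smarty->display('footer.tpl');
             }
         }
     }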

// ** Enter TO Special Folder **
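     // List one folder of the current member: 'inbox', 'sent', or a custom folder.
     //
     // Changes from the original:
     //  - The pager total is taken from the same query as the "used N of M"
     //    counter. The original pager always counted rows by user_to, so for the
     //    'sent' folder (listed by user_from) the page count did not match.
     //  - The custom-folder redirect calls $SF->go_to() with the literal target the
     //    rest of this file uses; the original called $SF->goto() with
     //    $_SERVER['PHP_SELF'], which can carry request-controlled path data.
     //    go_to() is assumed to be the intended method — confirm in the $SF class.
     //  - The page size is cast to int before it is placed in LIMIT.
     if (!empty($_GET['folder']))
     {
         include('includes/pager.php');
         if (!isset($_GET['page']) OR $_GET['page'] < 1)
         {
             $_GET['page'] = 1;
         }

         $page    = intval($_GET['page']);
         $perpage = intval($info_row['perpage']);
         $start   = ($perpage * ($page-1));

         $member_sql = $SF->SafeSQL($member_row['username']);
         $folder_sql = $SF->SafeSQL($_GET['folder']);

         // Sent copies belong to the sender (user_from); everything else is
         // addressed to the member (user_to).
         $owner_column = ($_GET['folder'] == 'sent') ? 'user_from' : 'user_to';

         $getnum = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE " . $owner_column . "='" . $member_sql . "' AND folder='" . $folder_sql . "'");
         $pm_num = $DB->sql_num_rows($getnum);

         $RP = new Pager($page);

         $RP->SetPagerN($info_row['perpage'],$pm_num);

         // NOTE(review): the raw folder parameter is handed to PageNum(), whose
         // implementation is not visible here — confirm it encodes the value
         // before writing it into the pagination links.
         $Smarty->assign('print_page',$RP->PageNum('folder=' . $_GET['folder']));

         if ($_GET['folder'] == 'inbox')
         {
             $SF->html_title_page('صندوق الرسائل - (Powered By MySmartBB Universal)');
             $Smarty->assign('pm_index','الرسائل الخاصة');
             $Smarty->assign('send_field','المرسل');

             $pm_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE user_to='" . $member_sql . "' AND folder='inbox' ORDER BY id DESC LIMIT $start," . $perpage ."");
         }
         elseif ($_GET['folder'] == 'sent')
         {
             $SF->html_title_page('الرسائل المُرسَلة - (Powered By MySmartBB Universal)');
             $Smarty->assign('pm_index','الرسائل الواردة');
             $Smarty->assign('send_field','مرسلة إلى');

             $pm_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE user_from='" . $member_sql . "' AND folder='sent' ORDER BY id DESC LIMIT $start," . $perpage ."");
             $Smarty->assign('sent',1);
         }
         else
         {
             // Custom folder: the name is passed through both helpers, as before.
             $folder = $SF->SafeOutPuts($_GET['folder']);
             $folder = $SF->SafeSQL($folder);

             $pm_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE user_to='" . $member_sql . "' AND folder='" . $folder . "' ORDER BY id DESC LIMIT $start," . $perpage ."");

             $pm_folder_check = $DB->sql_num_rows($pm_query);

             // NOTE(review): this redirects unless the page holds exactly one
             // message, which looks unintended (probably meant "< 1", or a lookup
             // of the folder itself) — left unchanged, confirm the intent.
             if ($pm_folder_check != 1)
             {
                 $SF->go_to('pm.php?folder=inbox',2);
             }

             $SF->html_title_page($SF->SafeOutPuts($_GET['folder']) . ' - (Powered By MySmartBB Universal)');
             $Smarty->assign('pm_index',htmlspecialchars($_GET['folder']));
             $Smarty->assign('send_field','المرسل');
         }

         // Rows of the current page; the template variable is only set when the
         // page is not empty, as in the original.
         $pms_row = array();
         while ($pm_row = $DB->sql_fetch_array($pm_query))
         {
             $pms_row[] = $pm_row;
         }
         if (!empty($pms_row))
         {
             $Smarty->assign('pms_row',$pms_row);
         }

         // Quota line: max_pm == 0 means unlimited.
         if ($groupper_row['max_pm'] != 0)
         {
             $pm_max = 'استهلكت ' . $pm_num . ' من أصل ' . $groupper_row['max_pm'];
         }
         else
         {
             $pm_max = 'استهلكت ' . $pm_num . ' من عدد لا نهائي من الرسائل';
         }
         $Smarty->assign('pm_max',$pm_max);

         $Smarty->assign('folder',htmlspecialchars($_GET['folder']));
         $Smarty->display('usercp_menu.tpl');
         $Smarty->display('usercp_pm-inbox.tpl');
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }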

// ** Read Message **

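     // Show a single message (read=1&id=N; add &sent to view a sent copy).
     //
     // Changes from the original:
     //  - Access check: the original compared the member's name with user_to even
     //    for sent copies, so a sent message was rejected unless it was addressed
     //    to oneself, and the comparison was case-sensitive while the SQL match is
     //    not. Ownership is now decided by the query alone (user_from + 'sent'
     //    folder, or user_to + any other folder); no row means "not found".
     //  - $rtext: the original escaped the quoted text and then overwrote it with
     //    the raw message on the next line, so unescaped text reached the template.
     //  - $title and the sender name are HTML-escaped before reaching the template
     //    (the sender name previously went through the SQL helper instead).
     if (isset($_GET['read']) && $_GET['read'] == 1)
     {
         include('includes/SmartCode.js');
         $id         = isset($_GET['id']) ? intval($_GET['id']) : 0;
         $member_sql = $SF->SafeSQL($member_row['username']);
         $is_sent    = isset($_GET['sent']);

         if ($is_sent)
         {
             // Sender's own copy.
             $read_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE id='" . $id . "' AND user_from='" . $member_sql . "' AND folder='sent'");
             $Smarty->assign('sent','1');
         }
         else
         {
             // Recipient's copy; the sender's 'sent' copy is excluded so that
             // reading never touches a row owned by someone else.
             $read_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pm WHERE id='" . $id . "' AND user_to='" . $member_sql . "' AND folder<>'sent'");
         }

         $read_row = $DB->sql_fetch_array($read_query);

         if (empty($read_row))
         {
             $SF->html_title_page('الاطلاع على رساله خاصه - (Powered By MySmartBB Universal)');
             $SF->error('المعذرة هذه الرسالة غير موجودة');
         }
         elseif (!$is_sent and $read_row['user_read'] != 1)
         {
             // First read of an incoming message: one less unread.
             $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET unread_pm=unread_pm-1 WHERE username='" . $member_sql . "'");
         }

         // Sender profile and group, used for the author panel.
         $sender_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $SF->SafeSQL($read_row['user_from']) . "'");
         $sender_row   = $DB->sql_fetch_array($sender_query);

         $usergroup_qry = $DB->sql_query("SELECT * FROM " . $db_prefix . "group WHERE id = '" . $SF->SafeSQL($sender_row['usergroup']) . "'");
         $usergroup_row = $DB->sql_fetch_array($usergroup_qry);

         // The name goes into HTML (the group's username_style), so it is
         // HTML-escaped rather than SQL-escaped.
         $sender = str_replace('[username]', htmlspecialchars($sender_row['username'], ENT_QUOTES), $usergroup_row['username_style']);
         $Smarty->assign('sender', $sender);

         $usersig = $sender_row['user_sig'];

         $SF->html_title_page($SF->SafeOutPuts($read_row['title']) . ' - (Powered By MySmartBB Universal)');

         if ($sender_row['user_gender'] == 'm')
         {
             $Smarty->assign('gender','ذكر');
         }

         if ($sender_row['user_gender'] == 'f')
         {
             $Smarty->assign('gender','انثى');
         }

         $register_date = $SF->DateFormatDo($sender_row['register_date']);

         $Smarty->assign('register_date',$register_date);

         // Online indicator for the sender.
         $writeronline_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "online WHERE username='" . $SF->SafeSQL($sender_row['username']) . "'");

         if ($DB->sql_num_rows($writeronline_query) > 0)
         {
             $Smarty->assign('status',"<font class='online'>متصل</font>");
         }
         else
         {
             $Smarty->assign('status',"<font class='offline'>غير متصل</font>");
         }

         $id = intval($read_row['id']);
         $text = $read_row['text'];
         $datepm = $read_row['date'];

         // Angle brackets are neutralised before the SmartCode / smiley markup
         // is expanded into HTML.
         $text = str_replace('>', '&gt;', $text);
         $text = str_replace('<', '&lt;', $text);

         $text    = $SF->SmilesReplace($text);
         // NOTE(review): the signature gets no escaping in this block; confirm it
         // is sanitised when it is saved, otherwise escape it here like $text.
         $usersig = $SF->SmilesReplace($usersig);

         $text    = $SF->SmartCode_replace($text);
         $usersig = $SF->SmartCode_replace($usersig);

         // A missing folder parameter behaves like a custom folder, as before.
         $current_folder = isset($_GET['folder']) ? $_GET['folder'] : null;
         if ($current_folder != 'inbox' and $current_folder != 'sent')
         {
             $pmfolder_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pmfolder WHERE folder_name='" . $SF->SafeSQL($read_row['folder']) . "' AND username='" . $member_sql . "'");
             $pmfolder_row   = $DB->sql_fetch_array($pmfolder_query);
             $Smarty->assign_by_ref('pmfolder_row',$pmfolder_row);
         }

         if (!$is_sent)
         {
             $update = $DB->sql_query("UPDATE " . $db_prefix . "pm SET user_read='1' WHERE id='".$id."'");
         }

         // Editor toolbar data for the quick-reply form.
         $smiles_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type='0' ORDER BY id ASC LIMIT 0,13");

         $smiles_row = array();
         while ($smile_row = $DB->sql_fetch_array($smiles_query))
         {
             $smiles_row[] = $smile_row;
         }
         if (!empty($smiles_row))
         {
             $Smarty->assign('smiles_row',$smiles_row);
         }

         $icons_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "smiles WHERE smile_type<>'0' ORDER BY id DESC");

         $icons_row = array();
         while ($icon_row = $DB->sql_fetch_array($icons_query))
         {
             $icons_row[] = $icon_row;
         }
         if (!empty($icons_row))
         {
             $Smarty->assign('icons_row',$icons_row);
         }

         // Reply subject and quoted body: prefix / <br /> removed, then escaped.
         $title = htmlspecialchars(str_replace('رد :','',$read_row['title']), ENT_QUOTES);
         $rtext = str_replace('<br /> ','',$read_row['text']);
         $rtext = str_replace('<br />','',$rtext);
         $rtext = htmlspecialchars($rtext, ENT_QUOTES);

         $read_row['title'] = $SF->SafeOutPuts($read_row['title']);
         $Smarty->assign('id',$id);
         $Smarty->assign('title',$title);
         $Smarty->assign('text',$text);
         $Smarty->assign('datepm',$datepm);
         $Smarty->assign('rtext',$rtext);
         $Smarty->assign('usersig',$usersig);
         $Smarty->assign('read_row',$read_row);
         $Smarty->assign_by_ref('sender_row',$sender_row);

         if (empty($pmfolder_row))
         {
             $Smarty->assign('path_bar','<a href="pm.php?folder=inbox">الرسائل الخاصة</a> -> ' . $read_row['title'] . '</div>');
         }

         if (!empty($pmfolder_row))
         {
             // NOTE(review): the first href below ("pm.php?folder=pm.php?...")
             // looks malformed; left byte-for-byte because the intended target
             // is not visible in this file.
             $Smarty->assign('path_bar','<a href="pm.php?folder=pm.php?show_folders=1&index=1">المجلدات</a> ->
                              <a href="pm.php?folder=' . htmlspecialchars($pmfolder_row['folder_name']) .'">' . htmlspecialchars($pmfolder_row['folder_name']) . '</a>
                              -> ' . $read_row['title'] . '</div>');
         }

         $SF->GetSmartCode();
         $Smarty->display('usercp_menu.tpl');
         $Smarty->display('usercp_pm-show.tpl');
         $SF->FastMove();
         $Smarty->display('footer.tpl');
     }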

// ** قائمة المراسلات : or Friends list **

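     // Contact ("friends") list: show (index=1), add (start=1), remove (del=1).
     //
     // Changes from the original:
     //  - $_POST['D1'], $_GET['username'] and the member name were concatenated
     //    into SQL unescaped; they now pass through $SF->SafeSQL() like the other
     //    queries in this file. NOTE(review): SafeSQL()'s implementation is not
     //    visible here; prepared statements would be the stronger fix.
     //  - The "is this user on the list" check before a removal is scoped to the
     //    current member's own list, and the empty-parameter check runs first.
     if (isset($_GET['list']) && $_GET['list'] == 1)
     {
         $SF->html_title_page('قائمة المراسلات - (Powered By MySmartBB Universal)');

         $member_sql = $SF->SafeSQL($member_row['username']);

         if (isset($_GET['index']) && $_GET['index'] == 1)
         {
             $pmlist_query = $DB->sql_query("SELECT * FROM " . $db_prefix . "pmlists WHERE username='" . $member_sql . "'");
             $pmlist_num   = $DB->sql_num_rows($pmlist_query);
             $Smarty->assign('pmlist_num',$pmlist_num);

             // Collect the list entries; assigned only when there is at least one.
             $pmlists_row = array();
             while ($pmlist_row = $DB->sql_fetch_array($pmlist_query))
             {
                 $pmlists_row[] = $pmlist_row;
             }
             if (!empty($pmlists_row))
             {
                 $Smarty->assign('pmlists_row',$pmlists_row);
             }

             $Smarty->display('usercp_menu.tpl');
             $Smarty->display('usercp_friends-list.tpl');
             $SF->FastMove();
             $Smarty->display('footer.tpl');
         }

         if (isset($_GET['start']) && $_GET['start'] == 1)
         {
             $friend     = (isset($_POST['D1']) && is_string($_POST['D1'])) ? $_POST['D1'] : '';
             $friend_sql = $SF->SafeSQL($friend);

             $check  = $DB->sql_query("SELECT * FROM " . $db_prefix . "pmlists WHERE list_username='" . $friend_sql . "' AND username='" . $member_sql ."'");
             $check2 = $DB->sql_query("SELECT * FROM " . $db_prefix . "member WHERE username='" . $friend_sql . "'");

             // A member cannot add themselves.
             if ($friend == $member_row['username'])
             {
                 $SF->error('لا يمكن للعضو إضافة نفسه');
             }

             // The target must be an existing member.
             if ($DB->sql_num_rows($check2) <= 0)
             {
                 $SF->error('العضو المطلوب غير موجود');
             }

             // ...and must not already be on this member's list.
             if ($DB->sql_num_rows($check) > 0)
             {
                 $SF->error('لقد قمت بإضافة هذا العضو سابقاً');
             }

             $insert = $DB->sql_query("INSERT INTO " . $db_prefix . "pmlists(id,list_username,username) VALUES('NULL','" . $friend_sql . "','" . $member_sql ."')");
             if ($insert)
             {
                 $Smarty->assign('msgg','أُضيفَ العضو بنجاح');
                 $Smarty->assign('GO','pm.php?list=1&index=1');
                 $SF->go_to('pm.php?list=1&index=1',2);
                 $Smarty->display('loading.tpl');

                 $Smarty->display('footer.tpl');
             }
         }

         // NOTE(review): removal is a state change triggered by a GET link and no
         // request token is checked in this block — confirm one is enforced
         // elsewhere (e.g. in common.php).
         if (isset($_GET['del']) && $_GET['del'] == 1)
         {
             if (empty($_GET['username']))
             {
                 $SF->error('الرابط المتبع خاطئ');
             }

             $target_sql = $SF->SafeSQL(isset($_GET['username']) ? $_GET['username'] : '');

             $check = $DB->sql_query("SELECT * FROM " . $db_prefix . "pmlists WHERE list_username='" . $target_sql . "' AND username='" . $member_sql . "'");
             if ($DB->sql_num_rows($check) <= 0)
             {
                 $SF->error('العضو المطلوب حذفه من القائمة غير موجود');
             }

             $del = $DB->sql_query("DELETE FROM " . $db_prefix . "pmlists WHERE list_username='" . $target_sql . "' AND username='" . $member_sql . "'");
             if ($del)
             {
                 $Smarty->assign('msgg','حُذِفَ العضو بنجاح');
                 $Smarty->assign('GO','pm.php?list=1&index=1');
                 $SF->go_to('pm.php?list=1&index=1',2);
                 $Smarty->display('loading.tpl');

                 $Smarty->display('footer.tpl');
             }
         }
     }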

// ** Delete Message **

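     // Delete received messages: $_POST['del'] holds the selected ids.
     //
     // Changes from the original:
     //  - The unread counter was decremented for any posted id whose row was unread
     //    or did not exist at all, because the lookup had no owner condition. The
     //    lookup is now limited to the member's own messages and the counter only
     //    changes when such a row exists and is unread.
     //  - Lookup and DELETE exclude folder='sent': those rows are the sender's
     //    copies (see the 'sent' insert and listing in this file) but also carry
     //    user_to = this member, so the old DELETE could remove them.
     //  - The fallback branch used $id without casting; it is now cast to int.
     //    $id is not set in this block — NOTE(review): it presumably comes from
     //    request-variable extraction or an earlier section; confirm its source.
     if (isset($_GET['del_pm']) && $_GET['del_pm'] == 1)
     {
         $SF->html_title_page('حذف رساله خاصه - (Powered By MySmartBB Universal)');
         $del_id     = isset($_POST['del']) ? $_POST['del'] : null;
         $member_sql = $SF->SafeSQL($member_row['username']);
         $del        = false;

         if ($del_id)
         {
             // (array) lets a single scalar id through without a foreach warning.
             foreach ((array) $del_id as $id)
             {
                 $id = intval($id);

                 $pm_query = $DB->sql_fetch_array($DB->sql_query("SELECT * FROM " . $db_prefix . "pm where id='" . $id . "' AND user_to='" . $member_sql . "' AND folder<>'sent'"));
                 if (!empty($pm_query) and $pm_query['user_read'] != 1)
                 {
                     $update = $DB->sql_query("UPDATE " . $db_prefix . "member SET unread_pm=unread_pm-1 WHERE username='" . $member_sql . "'");
                 }
                 $del = $DB->sql_query("DELETE FROM " . $db_prefix . "pm WHERE id='" . $id . "' AND user_to='" . $member_sql . "' AND folder<>'sent'");
             }
         }
         else
         {
             $single_id = isset($id) ? intval($id) : 0;
             $del = $DB->sql_query("DELETE FROM " . $db_prefix . "pm WHERE id='" . $single_id . "' AND user_to='" . $member_sql . "' AND folder<>'sent'");
         }

         if ($del)
         {
             $Smarty->assign('msgg','حُذِفَ بنجاح');
             $Smarty->assign('GO','pm.php?folder=inbox');
             $SF->go_to('pm.php?folder=inbox',2);
             $Smarty->display('loading.tpl');

             $Smarty->display('footer.tpl');
         }
     }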

// ** Delete Message From Sent folder **

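     // Delete the member's own copies from the 'sent' folder; $_POST['del'] holds
     // the selected ids. Every DELETE is limited to user_from = this member and
     // folder = 'sent'.
     //
     // Changes from the original: the fallback branch concatenated $id uncast
     // (now intval'd), a scalar $_POST['del'] no longer triggers a foreach warning,
     // and $del always has a value before it is tested.
     // NOTE(review): $id in the fallback is not set in this block — confirm where
     // it is expected to come from.
     if (isset($_GET['del_sent']) && $_GET['del_sent'] == 1)
     {
         $SF->html_title_page('حذف رساله خاصه - (Powered By MySmartBB Universal)');
         $del_id     = isset($_POST['del']) ? $_POST['del'] : null;
         $member_sql = $SF->SafeSQL($member_row['username']);
         $del        = false;

         if ($del_id)
         {
             foreach ((array) $del_id as $id)
             {
                 $del = $DB->sql_query("DELETE FROM " . $db_prefix . "pm WHERE id='" . intval($id) . "' AND user_from='" . $member_sql . "' AND folder='sent'");
             }
         }
         else
         {
             $single_id = isset($id) ? intval($id) : 0;
             $del = $DB->sql_query("DELETE FROM " . $db_prefix . "pm WHERE id='" . $single_id . "' AND user_from='" . $member_sql . "' AND folder='sent'");
         }

         if ($del)
         {
             $Smarty->assign('msgg','حُذِفَ بنجاح');
             $Smarty->assign('GO','pm.php?folder=sent');
             $SF->go_to('pm.php?folder=sent',2);
             $Smarty->display('loading.tpl');

             $Smarty->display('footer.tpl');
         }
     }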

// ** **

     }
	 else
	  {
		// Reached when $member_permission is not 1: none of the private-message
		// actions above run; only a title and the "not allowed" error are produced.
		$SF->html_title_page('لوحة التحكم - (Powered By MySmartBB Universal)');
		$SF->error('غير مسموح لك بالدخول لهذه الصفحة');
	  }


?>